A Digital Rights Management (DRM) refers to a system technology for safely protecting rights for digital contents and systematically managing them. The DRM provides a protecting and managing scheme for preventing the illegal copy of a content, acquiring DRM contents RO, and generating and transferring the content.
FIG. 1 illustrates a construction of a typical DRM system. The DRM system controls content issued to a user by a content provider to be used only in a right-limit of RO. Here, the content provider refers to an entity corresponding to a Content Issuer (CI) and/or a Rights Issuer (RI).
The CI issues a protected content (hereinafter, referred to as DRM content) using a particular encryption key so as to protect the content from users having no access right therefor, while the RI issues RO required to use the protected content.
A DRM agent is mounted in a device thus to receive contents and their ROs from the CI and the RI, respectively. The DRM agent then analyzes (interprets) permission and/or constraint included in the ROs, thereby controlling the use of contents in the device.
Regarding a procedure of moving a domain RO between devices subscribed in a user domain In the related art, a device 1 performs a process of transferring an RO received from the RI to a device 2 through a Move Domain RO Request procedure and a Move Domain RO Response procedure, and sending the contents (DRM content format (DCF)) received from the CI to the device 2. However, in this process, the domain RO movement is allowed to be performed without any confirmation as to whether a receiver device is a properly subscribed member of the user domain, resulting in an occurrence of a security relevant problem.
Therefore, a method for ascertaining whether a receiver device of the RO has available authentication information is required.